Arigato Autoresponder and Newsletter

This plugin allows scheduling of automated autoresponder messages / drip marketing messages, instant newsletters, and managing a mailing list.

v2.7.2.7BobUpdated 11 months agoAdded 16 years ago600 installs94% rating100% support resolved

Autoresponder auto responder contact form mailing list newsletter

Score

1,318

Errors

769

Warnings

Change

Category Scores

Security0

Repo94

Performance100

Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

2,087 findings

Security

1,123

10 issue groups

I18n

532

3 issue groups

Maintainability

414

12 issue groups

ERRORI18nText Domain MismatchMismatched text domain. Expected 'bft-autoresponder' but got 'broadfast'.495

Category: I18n
Occurrences: 495
Severity: error

Sample message

Mismatched text domain. Expected 'bft-autoresponder' but got 'broadfast'.

WordPress.WP.I18n.TextDomainMismatch Reference

ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.394

Category: Security
Occurrences: 394
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<meta http-equiv='refresh' content='0;url=$url' />"'.201

Category: Security
Occurrences: 201
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<meta http-equiv='refresh' content='0;url=$url' />"'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGSecurityRequest data is not unslashed$_GET['action'] not unslashed before sanitization. Use wp_unslash() or similar117

Category: Security
Occurrences: 117
Severity: warning

Sample message

$_GET['action'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.103

Category: Maintainability
Occurrences: 103
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().103

Category: Maintainability
Occurrences: 103
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $del_ids99

Category: Security
Occurrences: 99
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $del_ids

WordPress.DB.PreparedSQL.NotPrepared

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_FILES['attachments']. Check that the array index exists before using it.99

Category: Security
Occurrences: 99
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_FILES['attachments']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$already_sent".78

Category: Maintainability
Occurrences: 78
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$already_sent".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.72

Category: Security
Occurrences: 72
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

Show 15 more

WARNINGSecurityInput is not sanitized56

Category: Security
Occurrences: 56
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_FILES['attachments']['name']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityMissing nonce verification49

Category: Security
Occurrences: 49
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGMaintainabilityNon-prefixed function38

Category: Maintainability
Occurrences: 38
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "BFTquickDD_date".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

ERRORI18nMissing Translators Comment31

Category: I18n
Occurrences: 31
Severity: error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsComment Reference

ERRORSecurityDatabase parameter is not escaped30

Category: Security
Occurrences: 30
Severity: error

Sample message

Unescaped parameter $del_ids used in $wpdb->query()\n$del_ids assigned unsafely at line 74.

PluginCheck.Security.DirectDB.UnescapedDBParameter

ERRORMaintainabilitydate date23

Category: Maintainability
Occurrences: 23
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

ERRORMaintainabilityMissing direct file access protection22

Category: Maintainability
Occurrences: 22
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGMaintainabilityNon-prefixed constant16

Category: Maintainability
Occurrences: 16
Severity: warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "BFT_ATTACHMENTS".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound

ERRORMaintainabilityunlink unlink8

Category: Maintainability
Occurrences: 8
Severity: error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

WordPress.WP.AlternativeFunctions.unlink_unlink

WARNINGMaintainabilitySchema Change6

Category: Maintainability
Occurrences: 6
Severity: warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange

WARNINGSecurityInterpolated SQL is not prepared6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $field at \t\t\tWHERE $field=%d ORDER BY id"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared

WARNINGMaintainabilityNon-prefixed class6

Category: Maintainability
Occurrences: 6
Severity: warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "BFTAttachmentModel".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound

WARNINGMaintainabilityMissing Version6

Category: Maintainability
Occurrences: 6
Severity: warning

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion

ERRORI18nUnordered Placeholders Text6

Category: I18n
Occurrences: 6
Severity: error

Sample message

Multiple placeholders in translatable strings should be ordered. Expected "%1$d, %2$d", but got "%d, %d" in '%d sent, %d failed'.

WordPress.WP.I18n.UnorderedPlaceholdersText Reference

WARNINGMaintainabilityMixed line endings5

Category: Maintainability
Occurrences: 5
Severity: warning

Sample message

File has mixed line endings; this may cause incorrect results

Internal.LineEndings.Mixed

External Connections

Potential connections found in static code analysis.

14 domains

Outbound calls

External assets

Incoming endpoints

Notable Domains

calendarscripts.info13 · outbound

jqueryui.com3 · outbound

yoast.com3 · outbound

blog.calendarscripts.info2 · outbound

developers.google.com1 · outbound

ninjaforms.com1 · outbound

Platform / Reference Domains

wordpress.org6 · platform/reference

core.trac.wordpress.org1 · platform/reference

External Asset Domains

google.com10 · asset + outbound

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

2 days ago

v2.7.2.7

Latest

Findings: 2,087
Errors: 1,318
Warnings: 769
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
2 days agoLatest	24	2,087	1,318	769	v2.7.2.7	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Loading map

PluginAuthorCategoryIssueDomainRelated

Relationship links

Issue

Domain

Related Plugins

Add Password Field for Contact Form 7

3k+ active installs

100

Contact Form Query

1k+ active installs

100

Style Contact Form 7

1k+ active installs

100

WS Form LITE – Drag & Drop Contact Form Builder

10k+ active installs

100

ACF Field For CF7

10k+ active installs

Connect Elementor Forms to Google Sheets Addon

800 active installs